pool/curl
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 857895 from devel:libraries:c_c++

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/857895
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/curl?expand=0&rev=163
This commit is contained in:
Dominique Leuenberger 2020-12-23 13:21:00 +00:00 committed by Git OBS Bridge
commit 6c2a53886b
9 changed files with 92 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
curl-7.73.0.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7c4c7ca4ea88abe00fea4740dcf81075c031b1d0bb23aff2d5efde20a3c2408a
size 2394228

11
curl-7.73.0.tar.xz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAl+GkkYACgkQXMkI/bce
EsI5vwf+NwIw3Jmn9lW7/VHNgFWB1Qa0gB4KlDISM2qG9CHzeIW8K50g2JiIAuLa
CVOfuMi/jg1r2INRLErZzdGDtD71TzjaEv6A/dxWL+k5/ieFxmH5iC80rYWi8EE9
sv/bx8vEq8ikIqqV7KxYPlX8xMJBMfCs+TNQbzYM3WUDMLYJLpuNiWrzS6h8+mPq
4w8qYyrNI5x/J3HSJuzyoJy0ueQOQ6CaZwV/ViGBLmFkMKgsAXJu9ImRMmJXKAk5
MLiVUKI1KpHJNHZS5pLIP5wrjIN3z7FIRxThJ6f/IqUF1mIc6MNnqcER6lBtxeq4
SuRq9Dx5W2en/g+I5iic8GwkDD+U6A==
=W3Yh
-----END PGP SIGNATURE-----

3
curl-7.74.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:999d5f2c403cf6e25d58319fdd596611e455dd195208746bc6e6d197a77e878b
size 2400972

11
curl-7.74.0.tar.xz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAl/QcZ8ACgkQXMkI/bce
EsJYnggAs5MbJByXsUEI3LzdRvjb2s/dNS/+ubJ98GL+ed8uVsLmGxdF0fS9EPVX
+KoaYbaZwjZJH43+UyqtoFr4GQKhxxhcyZi3477s9Ws9x60yEA21oIggkQLF6X+E
OEymG0YmNUn/6vvWizCWZtE7TkoWAXEzPLyVbBzoFzfmgzxiQ9//usKCaDh/nCWA
kouxubBJbpdjk8KTnVf5HMP5PJKs9LeiVh9B2F+Rq1cEvzLrxNlDYptEgH/ml5Sd
WsWeWttngs2pnZu0pMQNGhdXp6XC5lteN21C1/3hy3KVFUnkqaA+1IHm39wBE73j
Bmnoi36d+Ub6ZT3Va84Dp/tWJ65Xig==
=9ka/
-----END PGP SIGNATURE-----

4
curl-disabled-redirect-protocol-message.patch
View File

@ -10,8 +10,8 @@ Index: curl-7.63.0/lib/url.c
+ !(data->set.redir_protocols & p->protocol)) {
/* nope, get out */
- ;
+ failf(data, "Redirect to protocol \"%s\" not supported or disabled in " LIBCURL_NAME,
+ protostr);
+ failf(data, "Redirect to protocol \"%s\" not supported or disabled in "
+ LIBCURL_NAME, protostr);
+
+ return CURLE_UNSUPPORTED_PROTOCOL;
+ }

32
curl-use_OPENSSL_config.patch
View File

@ -1,32 +0,0 @@
This basically reverts https://github.com/curl/curl/commit/7d2f61f66ab4e047fc9aefc2effc1ac6d340a66a
Index: curl-7.65.2/lib/vtls/openssl.c
===================================================================
--- curl-7.65.2.orig/lib/vtls/openssl.c
+++ curl-7.65.2/lib/vtls/openssl.c
@@ -1026,22 +1026,12 @@ static int Curl_ossl_init(void)
ENGINE_load_builtin_engines();
#endif
-/* CONF_MFLAGS_DEFAULT_SECTION was introduced some time between 0.9.8b and
- 0.9.8e */
-#ifndef CONF_MFLAGS_DEFAULT_SECTION
-#define CONF_MFLAGS_DEFAULT_SECTION 0x0
-#endif
-
-#ifndef CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG
- CONF_modules_load_file(NULL, NULL,
- CONF_MFLAGS_DEFAULT_SECTION|
- CONF_MFLAGS_IGNORE_MISSING_FILE);
-#endif
-
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
!defined(LIBRESSL_VERSION_NUMBER)
- /* OpenSSL 1.1.0+ takes care of initialization itself */
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
#else
+ OPENSSL_config(NULL);
+
/* Lets get nice error messages */
SSL_load_error_strings();

57
curl.changes
View File

@ -1,3 +1,60 @@
-------------------------------------------------------------------
Fri Dec 18 20:04:33 UTC 2020 - Cristian Rodríguez <crrodriguez@opensuse.org>
- Enable zstd and brotli support
-------------------------------------------------------------------
Mon Dec 14 15:25:07 UTC 2020 - Pedro Monreal <pmonreal@suse.com>
- Update to 7.74.0
* Changes:
hsts: add experimental support for Strict-Transport-Security
* Bugfixes:
- Inferior OCSP verification [bsc#1179593, CVE-2020-8286]
- FTP wildcard stack overflow [bsc#1179399, CVE-2020-8285]
- trusting FTP PASV responses [bsc#1179398, CVE-2020-8284]
- Revert "multi: implement wait using winsock events"
- openssl: free mem_buf in error path
- ntlm: avoid malloc(0) on zero length user and domain
- ngtcp2: use the minimal version of QUIC supported by ngtcp2
- ngtcp2: advertise h3 ALPN unconditionally
- file: avoid duplicated code sequence
- openssl: guard against OOM on context creation
- docs: document the 8MB input string limit for curl_easy_escape
and curl_easy_setopt()
- hsts: add read/write callbacks
- hsts: add support for Strict-Transport-Security
- alt-svc: enable by default
- checksrc: warn on empty line before open brace
- connect: repair build without ipv6 availability
- curl.se: new home
- ftp: retry getpeername for FTP with TCP_FASTOPEN
- gnutls: fix memory leaks (certfields memory wasn't released)
- http: pass correct header size to debug callback for chunked post
- libssh2: fix transport over HTTPS proxy
- openssl: guard against OOM on context creation
- openssl: use OPENSSL_init_ssl() with >= 1.1.0
- Revert "multi: implement wait using winsock events"
- socks: check for DNS entries with the right port number
- tool_operate: --retry for HTTP 408 responses too
- tool_operate: bail out proper on errors during parallel transfers
- urlapi: don't accept blank port number field without scheme
- urlapi: URL encode a '+' in the query part
- vquic/ngtcp2.h: define local_addr as sockaddr_storage
- Update check section:
* runtests now supports dynamically base64 encoded sections in tests
* Replace env interpreter for perl and python3
- Remove curl-use_OPENSSL_config.patch since the OpenSSL initialization
has been updated to use OPENSSL_init_ssl() with >= 1.1.0
-------------------------------------------------------------------
Tue Oct 20 10:33:34 UTC 2020 - Pedro Monreal <pmonreal@suse.com>
- Update patches to fix compiling warnings:
* curl-disabled-redirect-protocol-message.patch
* libcurl-ocloexec.patch
- Enable test 1165
-------------------------------------------------------------------
Wed Oct 14 21:29:48 UTC 2020 - Pedro Monreal <pmonreal@suse.com>

41
curl.spec
View File

@ -21,21 +21,20 @@
# need ssl always for python-pycurl
%bcond_without openssl
Name: curl
Version: 7.73.0
Version: 7.74.0
Release: 0
Summary: A Tool for Transferring Data from URLs
License: curl
URL: https://curl.haxx.se/
Source: https://curl.haxx.se/download/curl-%{version}.tar.xz
Source2: https://curl.haxx.se/download/curl-%{version}.tar.xz.asc
URL: https://curl.se
Source: https://curl.se/download/curl-%{version}.tar.xz
Source2: https://curl.se/download/curl-%{version}.tar.xz.asc
Source3: baselibs.conf
Source4: https://daniel.haxx.se/mykey.asc#/curl.keyring
Patch0: libcurl-ocloexec.patch
Patch1: dont-mess-with-rpmoptflags.diff
Patch2: curl-secure-getenv.patch
# PATCH-FIX-OPENSUSE bsc#1076446 protocol redirection not supported or disabled
Patch4: curl-disabled-redirect-protocol-message.patch
Patch5: curl-use_OPENSSL_config.patch
Patch3: curl-disabled-redirect-protocol-message.patch
BuildRequires: libtool
BuildRequires: pkgconfig
Requires: libcurl4 = %{version}
@ -43,11 +42,13 @@ BuildRequires: groff
BuildRequires: lzma
BuildRequires: openldap2-devel
BuildRequires: pkgconfig(krb5)
BuildRequires: pkgconfig(libbrotlidec)
BuildRequires: pkgconfig(libidn2)
BuildRequires: pkgconfig(libmetalink)
BuildRequires: pkgconfig(libnghttp2)
BuildRequires: pkgconfig(libpsl)
BuildRequires: pkgconfig(libssh)
BuildRequires: pkgconfig(libzstd)
BuildRequires: pkgconfig(zlib)
%if %{with openssl}
BuildRequires: pkgconfig(libssl)
@ -92,18 +93,14 @@ user interaction or any kind of interactivity.
%patch0 -p1
%patch1
%patch2
%patch4 -p1
%patch5 -p1
# disable new failing test 1165
echo "1165" >> tests/data/DISABLED
%patch3 -p1
%build
# curl complains if macro definition is contained in CFLAGS
# see m4/xc-val-flgs.m4
CPPFLAGS="-D_FORTIFY_SOURCE=2"
CFLAGS=$(echo "%{optflags}" | sed -e 's/-D_FORTIFY_SOURCE=2//')
export CPPFLAGS CFLAGS
export CPPFLAGS
export CFLAGS="$CFLAGS -fPIE"
export LDFLAGS="$LDFLAGS -pie"
autoreconf -fiv
@ -135,25 +132,17 @@ sed -i 's/\(link_all_deplibs=\)unknown/\1no/' configure
# if this fails, the above sed hack did not work
./libtool --config | grep -q link_all_deplibs=no
# enable-hidden-symbols needs gcc4 and causes that curl exports only its API
make %{?_smp_mflags} V=1
%make_build
%if %{with testsuite}
%check
pushd tests
make %{?_smp_mflags} V=1
# make sure the testsuite runs don't race on MP machines in autobuild
if test -z "$BUILD_INCARNATION" -a -r /.buildenv; then
. /.buildenv
fi
if test -z "$BUILD_INCARNATION"; then
BUILD_INCARNATION=0
fi
%make_build
base=$((8990 + $BUILD_INCARNATION * 20))
# bug940009 do not run flaky tests for any architecture
# at least test 1510 do fail for i586 and ppc64le
perl ./runtests.pl -a -v -p -b$base '!flaky' || exit
find -type f -name "*.pl" -exec sed -i 's|#!.*/usr/bin/env perl|#!/usr/bin/perl|' "{}" +
find -type f -name "*.py" -exec sed -i 's|#!.*/usr/bin/env python.*|#!/usr/bin/python3|' "{}" +
perl ./runtests.pl -a -v -p '!flaky' || exit
popd
%endif
@ -170,7 +159,7 @@ popd
%files
%doc README RELEASE-NOTES CHANGES
%doc docs/{BUGS.md,FAQ,FEATURES,TODO,TheArtOfHttpScripting.md}
%doc docs/{BUGS.md,FAQ,FEATURES.md,TODO,TheArtOfHttpScripting.md}
%{_bindir}/curl
%{_datadir}/zsh/site-functions/_curl
%{_mandir}/man1/curl.1%{?ext_man}

6
libcurl-ocloexec.patch
View File

@ -68,12 +68,14 @@ Index: curl-7.69.0/lib/connect.c
===================================================================
--- curl-7.69.0.orig/lib/connect.c
+++ curl-7.69.0/lib/connect.c
@@ -1529,7 +1529,7 @@ CURLcode Curl_socket(struct connectdata
@@ -1529,7 +1529,9 @@ CURLcode Curl_socket(struct connectdata
}
else
/* opensocket callback not set, so simply create the socket now */
- *sockfd = socket(addr->family, addr->socktype, addr->protocol);
+ *sockfd = socket(addr->family, addr->socktype | SOCK_CLOEXEC, addr->protocol);
+ *sockfd = socket(addr->family,
+ addr->socktype | SOCK_CLOEXEC,
+ addr->protocol);
if(*sockfd == CURL_SOCKET_BAD)
/* no socket, no connection */